rpms/tqsllib/devel tqsllib-2.0-openssl.patch, 1.1, 1.2 tqsllib.spec, 1.1, 1.2

Lucian Langa lucilanga at fedoraproject.org
Mon Jan 12 13:05:08 UTC 2009 

Author: lucilanga

Update of /cvs/pkgs/rpms/tqsllib/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv25322

Modified Files:
	tqsllib-2.0-openssl.patch tqsllib.spec 
Log Message:
 Mon Jan 12 2009 Lucian Langa <cooly at gnome.eu.org> - 2.0-5
- modify patch0 to include fix for #479650 (CVE-2008-5077 related)

tqsllib-2.0-openssl.patch:

Index: tqsllib-2.0-openssl.patch
===================================================================
RCS file: /cvs/pkgs/rpms/tqsllib/devel/tqsllib-2.0-openssl.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- tqsllib-2.0-openssl.patch	24 Aug 2008 09:24:52 -0000	1.1
+++ tqsllib-2.0-openssl.patch	12 Jan 2009 13:05:08 -0000	1.2
@@ -1,5 +1,14 @@
 --- tqsllib-2.0/openssl_cert.cpp	2005-03-11 14:47:11.000000000 +0200
-+++ tqsllib-openssl/openssl_cert.cpp	2008-02-26 08:27:47.000000000 +0200
++++ tqsllib-2.0-mod/openssl_cert.cpp	2009-01-12 14:58:00.000000000 +0200
+@@ -1178,7 +1178,7 @@
+ 	}
+ 	EVP_VerifyInit(&ctx, EVP_sha1());
+ 	EVP_VerifyUpdate(&ctx, data, datalen);
+-	if (!EVP_VerifyFinal(&ctx, sig, slen, TQSL_API_TO_CERT(cert)->key)) {
++	if (EVP_VerifyFinal(&ctx, sig, slen, TQSL_API_TO_CERT(cert)->key) <= 0) {
+ 		tQSL_Error = TQSL_OPENSSL_ERROR;
+ 		return 1;
+ 	}
 @@ -1288,7 +1288,7 @@
  							sk_ASN1_TYPE_push(attrib->value.set, val);
  #if (OPENSSL_VERSION_NUMBER & 0xfffff000) == 0x00906000


Index: tqsllib.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tqsllib/devel/tqsllib.spec,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- tqsllib.spec	24 Aug 2008 09:24:52 -0000	1.1
+++ tqsllib.spec	12 Jan 2009 13:05:08 -0000	1.2
@@ -1,6 +1,6 @@
 Name: tqsllib
 Version: 2.0
-Release: 4%{?dist}
+Release: 5%{?dist}
 Summary: The TrustedQSL library
 Group: Development/Libraries
 License: BSD
@@ -79,6 +79,9 @@
 %postun -p /sbin/ldconfig
 
 %changelog
+* Mon Jan 12 2009 Lucian Langa <cooly at gnome.eu.org> - 2.0-5
+- modify patch0 to include fix for #479650 (CVE-2008-5077 related)
+
 * Thu Aug 21 2008 Lucian Langa <cooly at gnome.eu.org> - 2.0-4
 - make directory own by package

More information about the fedora-extras-commits mailing list